﻿<%@ WebHandler Language="C#" Class="Repass" %>

using System;
using System.Collections.Generic;
using System.Data;
using System.Web;
using System.Web.SessionState;

public class Repass : IHttpHandler, IRequiresSessionState
{
    
    public void ProcessRequest (HttpContext context) {
        context.Response.ContentType = "text/plain";
        string oldpass = context.Request.Params["oldpass"];
        string newpass = context.Request.Params["newpass"];
        string repass = context.Request.Params["repass"];
        string EnterpriseName = context.Session["EnterpriseName"].ToString();
        int code = 0;

        code = loginAsync(EnterpriseName,oldpass, newpass, repass);
            if (code == 200)
            {
                context.Session["User"] = "";
                context.Session["Pass"] = "";
                context.Session["EnterpriseName"] = "";
            }
            context.Response.Write("{\"code\":\"" + code + "\",\"msg\":\"" + result[code] + "\",\"forward\":\"/Login.aspx\"}");
    }

    MsSqlHelper mssql = new MsSqlHelper();
    Common Init = new Common();

    public int loginAsync(string entname,string oldpass, string newpass,string repass)
    {
        int result = 0;
        if (string.IsNullOrEmpty(oldpass)) return 104;
        if (string.IsNullOrEmpty(newpass)) return 105;
        if (string.IsNullOrEmpty(repass)) return 106;
        if (newpass != repass) { result = 103; }
        else
        {
            entname = entname.Replace(";", "");
            string pass = mssql.GetString("select top 1 UserPass from [Web_User](nolock) where UserID='" + entname + "'");
            if (Init.Decrypt(pass) != oldpass) { result = 101; }
            else
            {
                if (mssql.ExecuteSql("update [Web_User] set UserPass='" +Init.Encrypt(newpass) + "' where UserID='" + entname + "'") > 0)
                {
                    result = 200;
                }
            }
        }
        return result;       
    }

    private Dictionary<int, string> result = new Dictionary<int, string>()
        { 
            { 100, "账号不存在"},            
            { 101, "密码错误"},
            { 102,"账号被禁用"},
            { 103,"新密码与确认密码不符"},
            { 104,"旧密码不能为空"},
            { 105,"新密码不能为空"},
            { 106,"确认密码不能为空"},
            { 200, "密码修改成功"}
        };
 
    public bool IsReusable {
        get {
            return false;
        }
    }

}